CVE-2015-7056

Apple Xcode < 7.1.1 - Sensitive Information Exposure via .gitignore Mismanagement

Title source: llm
STIX 2.1

Description

IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern.

References (3)

Core 3
Core References
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT205642
Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1034340

Scores

EPSS 0.0129
EPSS Percentile 66.7%

Details

CWE
CWE-200
Status published
Products (1)
apple/xcode < 7.1.1
Published Dec 11, 2015
Tracked Since Feb 18, 2026